Friday, June 17, 2016



Complete DHS Report for June 17, 2016

Daily Report

Top Stories

• The former chief executive officer of Valor Federal Credit Union was charged June 15 after he allegedly embezzled over $700,000 from the bank and used the money for personal purposes. – WNEP 16 Scranton. See item 5 below in the Financial Services Sector

• Federal officials charged June 15 two hedge fund managers and a former U.S. Food and Drug Administration (FDA) official for their roles in a $32 million insider trading scheme where the hedge fund managers received insider tips from the FDA official on anticipated FDA approvals. – U.S. Securities and Exchange Commission

16. June 15, U.S. Securities and Exchange Commission – (National) Hedge fund managers and former government official charged in $32 million insider trading scheme. The U.S. Securities and Exchange Commission announced charges June 15 against two hedge fund managers and a former U.S. Food and Drug Administration (FDA) official for their roles in a $32 million insider trading scheme where the hedge fund managers received insider tips from the FDA official on anticipated FDA approvals for companies to produce a generic drug ahead of public announcements. One of the hedge fund managers was charged in a separate complaint for insider trading on the FDA’s nonpublic information and for trading on other confidential material obtained from a former Centers for Medicare and Medicaid Services official.

• Crews worked to contain the 12,000-acre Dog Head Fire burning in the Manzano Mountains in New Mexico after the governor issued a state of emergency, evacuated up to 200 residents, and closed Highway 377 June 15. – KOAT 7 Albuquerque

18. June 16, KOAT 7 Albuquerque – (New Mexico) Dog Head Fire more than doubles in size, grows to more than 12,000 acres. Crews worked to contain the 12,000-acre Dog Head Fire burning in the Manzano Mountains in New Mexico after the governor issued a state of emergency, evacuated up to 200 residents, and closed northbound lanes of Highway 377 June 15. Source: http://www.koat.com/news/crews-respond-to-east-mountain-fire/40050956

• Security researchers from Kaspersky Lab investigated the xDedic marketplace and found that 70,624 hacked remote desktop protocol (RDP) servers used to host or provide access to popular consumer Web sites were for sale. – Help Net Security. See item 26 below in the Information Technology Sector

Financial Services Sector

5. June 15, WNEP 16 Scranton – (Pennsylvania) Former credit union CEO accused of bank fraud. Pennsylvania officials charged the former chief executive officer of Valor Federal Credit Union, formerly known as Tobyhanna Federal Credit Union, June 15 after he allegedly embezzled over $700,000 from the bank and used the money for personal purposes. Authorities stated that the former executive also attempted to rig the elections for the bank’s board of directors and established a fraudulent severance deal under which he would be paid over $1 million if he was terminated.

6. June 15, KSWB 69 San Diego – (California) Man uses fake ID to get debit card, steals $90K. Authorities were searching June 15 for a man who used a fraudulent ID and documents to steal $90,000 from a victim’s bank accounts at 5 Chase Bank branches in San Diego County since March. Authorities stated that the man is suspected of committing similar thefts in Los Angeles and Orange counties. Source: http://fox5sandiego.com/2016/06/15/man-uses-fake-id-to-get-debit-card-steals-90k/

7. June 15, Newark Star-Ledger – (International) 24 charged in ‘intricate’ international bank fraud ring. Twenty-four people were charged June 14 for their roles in an international bank fraud ring where the group stole $1 million from banks and corporations by creating phony companies to defraud individuals and companies into wiring over $8 million to the group’s fraudulent corporate bank accounts. Authorities stated that the indictments were part of an ongoing investigation that was initiated following a routine traffic stop. Source: http://www.nj.com/middlesex/index.ssf/2016/06/24_charged_in_intricate_international_bank_fraud_r.html

For another story, see item 16 above in Top Stories

Information Technology Sector

24. June 16, Softpedia – (International) Microsoft OLE abused to embed malicious code in Office docs, similarly to macros. Security researchers discovered that a macro malware infection method was abusing Microsoft’s Object Linking and Embedding (OLE) system by tricking users into embedding a JavaScript or a VBScript file that downloads an encrypted binary and bypasses network-based protections that identify malicious data formats. Once the scripts save the encrypted binary, the Vibrio or the Donvibs trojan is installed and the final payload, Cerber ransomware, can infect the victim’s system. Source: http://news.softpedia.com/news/microsoft-ole-abused-to-embed-malicious-code-in-office-docs-similarly-to-macros-505301.shtml

25. June 15, SecurityWeek – (International) Flaw allowed hackers to steal emails from Verizon users. A security researcher discovered several vulnerabilities in Verizon’s Webmail portal that could be exploited by hackers who possess a Verizon email account: by substituting the victim’s userID for the userID value in their own request, they could forward all the victim’s emails to an arbitrary email address. Victims would be unaware of the email forwarding as the transactions are not shown in the Verizon inbox. Source: http://www.securityweek.com/flaw-allowed-hackers-steal-emails-verizon-users

26. June 15, Help Net Security – (International) 70,000 hacked servers for sale on xDedic underground market. Security researchers from Kaspersky Lab investigated the xDedic marketplace, a global forum where cybercriminals can buy and sell access to compromised servers, and found that 70,624 hacked remote desktop protocol (RDP) servers used to host or provide access to popular consumer Web sites were for sale. The illegal data can be used to target government entities, corporations, and universities without the institutions’ knowledge. Source: https://www.helpnetsecurity.com/2016/06/15/xdedic-underground-market/

27. June 15, SecurityWeek – (International) Schneider patches severe flaw in video management system. Schneider Electric released version 7.13.84 for its Pelco Digital Sentry (DS) product after the company found the tool contained hardcoded credentials that could be leveraged by an attacker to elevate their privileges and gain access to sensitive information or execute arbitrary code on the affected system. Source: http://www.securityweek.com/schneider-patches-severe-flaw-video-management-system

Communications Sector

28. June 16, SecurityWeek – (International) No patch for critical RCE flaw in Cisco routers. Cisco reported that it is working to patch several vulnerabilities in its RV series routers after a security researcher found a cross-site scripting flaw, several denial-of-service (DoS) flaws, and another critical flaw, which was caused by insufficient sanitization of Hypertext Transfer Protocol (HTTP) user input in the device’s Web interface, allowing a remote, unauthenticated attacker to execute arbitrary code with root privileges on the victim’s system. Source: http://www.securityweek.com/no-patch-critical-rce-flaw-cisco-routers

29. June 14, WTSP 10 St. Petersburg – (Florida) Verizon cell service restored in Florida. Hundreds of customers from Pensacola to Miami experienced Verizon cellphone service outages for more than 2 hours June 14. Source: http://www.wtsp.com/news/verizon-cell-service-restored-in-florida/244164468